Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDefault status
unaffected
0.0.0 (semver) before Firmware v3.2.0
affected
Default status
unaffected
0.0.0 (semver) before Firmware v3.2.0
affected
Default status
unaffected
0.0.0 (semver) before Firmware v3.2.0
affected
Default status
unaffected
0.0 (semver) before Firmware v6.0
affected
Default status
unaffected
0.0 (semver) before Firmware v6.0
affected
Default status
unaffected
0.0 (semver) before Firmware v6.0
affected
Description
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
Problem types
CWE-239:Failure to Handle Incomplete Element
Product status
0.0.0 (semver) before Firmware v3.2.0
0.0.0 (semver) before Firmware v3.2.0
0.0.0 (semver) before Firmware v3.2.0
0.0 (semver) before Firmware v6.0
0.0 (semver) before Firmware v6.0
0.0 (semver) before Firmware v6.0
Credits
Damian Pfammatter, Daniel Hulliger from Cyber-Defence Campus armasuisse S+T
References
sauter.csaf-tp.certvde.com/...f/white/2025/vde-2025-060.json
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
